A Security-Enhanced Scheme for ModBus TCP Protocol Based on Lightweight Cryptographic Algorithm

Αποθηκεύτηκε σε:

Λεπτομέρειες βιβλιογραφικής εγγραφής
Εκδόθηκε σε:	Electronics vol. 14, no. 18 (2025), p. 3674-3698
Κύριος συγγραφέας:	Le, Xiang
Άλλοι συγγραφείς:	Li, Ji, Zhao, Yong, Fan Zhaohong
Έκδοση:	MDPI AG
Θέματα:	National Institute of Standards & Technology Cryptography Encryption Data integrity Semantics Embedded systems Distributed network protocols Security Protocol Communication TCP (protocol) Confidentiality Design Algorithms Data encryption Control systems Retrofitting Ethernet Real time Integrity Authentication Energy consumption Industrial electronics
Διαθέσιμο Online:	Citation/Abstract Full Text + Graphics Full Text - PDF
Ετικέτες:	Προσθήκη ετικέτας Δεν υπάρχουν, Καταχωρήστε ετικέτα πρώτοι!

MARC


LEADER	00000nab a2200000uu 4500
001	3254508802
003	UK-CbPIL
022			\|a 2079-9292
024	7		\|a 10.3390/electronics14183674 \|2 doi
035			\|a 3254508802
045	2		\|b d20250101 \|b d20251231
084			\|a 231458 \|2 nlm
100	1		\|a Le, Xiang \|u School of Computer Science, Beijing University of Technology, Beijing 100124, Chinazhaoyong08@bjut.edu.cn (Y.Z.)
245	1		\|a A Security-Enhanced Scheme for ModBus TCP Protocol Based on Lightweight Cryptographic Algorithm
260			\|b MDPI AG \|c 2025
513			\|a Journal Article
520	3		\|a In modern industrial control systems (ICSs), communication protocols such as Modbus TCP remain widely used due to their simplicity, interoperability, and real-time performance. However, these communication protocols (e.g., Modbus TCP) were originally designed without security considerations, lacking essential features such as encryption, integrity protection, and authentication. This exposes ICS deployments to severe security threats, including eavesdropping, command injection, and replay attacks, especially when operating over unsecured networks. To address these critical vulnerabilities while preserving the lightweight nature of the protocol, we propose a Modbus TCP security enhancement scheme that integrates ASCON, an NIST-standardized authenticated encryption algorithm, with the CBOR Object Signing and Encryption (COSE) framework. Our design embeds COSE_Encrypt0 structures into Modbus application data, enabling end-to-end confidentiality, integrity, and replay protection without altering the protocol’s semantics or timing behavior. We implement the proposed scheme in C and evaluate it in a simulated embedded environment representative of typical ICS devices. Experimental results show that the solution incurs minimal computational and memory overhead, while providing robust cryptographic guarantees. This work demonstrates a practical pathway for retrofitting legacy ICS protocols with modern lightweight cryptography, enhancing system resilience without compromising compatibility or performance.
610		4	\|a National Institute of Standards & Technology
653			\|a Cryptography
653			\|a Encryption
653			\|a Data integrity
653			\|a Semantics
653			\|a Embedded systems
653			\|a Distributed network protocols
653			\|a Security
653			\|a Protocol
653			\|a Communication
653			\|a TCP (protocol)
653			\|a Confidentiality
653			\|a Design
653			\|a Algorithms
653			\|a Data encryption
653			\|a Control systems
653			\|a Retrofitting
653			\|a Ethernet
653			\|a Real time
653			\|a Integrity
653			\|a Authentication
653			\|a Energy consumption
653			\|a Industrial electronics
700	1		\|a Li, Ji \|u Ningbo HollySys Information Security Research Institute Co., Ltd., Beijing 315100, China
700	1		\|a Zhao, Yong \|u School of Computer Science, Beijing University of Technology, Beijing 100124, Chinazhaoyong08@bjut.edu.cn (Y.Z.)
700	1		\|a Fan Zhaohong \|u Ningbo HollySys Information Security Research Institute Co., Ltd., Beijing 315100, China
773	0		\|t Electronics \|g vol. 14, no. 18 (2025), p. 3674-3698
786	0		\|d ProQuest \|t Advanced Technologies & Aerospace Database
856	4	1	\|3 Citation/Abstract \|u https://www.proquest.com/docview/3254508802/abstract/embedded/IZYTEZ3DIR4FRXA2?source=fedsrch
856	4	0	\|3 Full Text + Graphics \|u https://www.proquest.com/docview/3254508802/fulltextwithgraphics/embedded/IZYTEZ3DIR4FRXA2?source=fedsrch
856	4	0	\|3 Full Text - PDF \|u https://www.proquest.com/docview/3254508802/fulltextPDF/embedded/IZYTEZ3DIR4FRXA2?source=fedsrch